Verify Network Ports on a Domain Controller

1. Introduction

In this article, we’ll explore script that tests the connectivity of various TCP and UDP ports on a domain controller. The script is useful for Domain Administrator / Windows Administrator/ Network administrators or system engineers to troubleshoot network connectivity, verify that critical ports are open, and ensure that services like DNS, LDAP are functioning properly.

2. Why Testing Ports is Important

 Port testing is important for maintaining the health and security of a network. Many core services on a domain controller depend on specific ports to function, including:

  • DNS on port 53
  • LDAP on port 389
  • SMB on port 445 Testing these ports allows administrators to verify that essential services are accessible and that the server is communicating effectively with other devices on the network.

3. Overview of the Script

The script we’ll be reviewing is designed to test TCP and UDP connectivity for multiple ports on a domain controller. It checks whether each port is open or closed and returns the status of each port in the output. 

4. How to Run the Script

To run this script on your own system, follow these steps:

  1. Open PowerShell with administrative privileges.
  2. Copy and paste the script into the PowerShell window or save the script .ps1 extension.
  3. Make sure the target domain controller (e.g., DC) is correct and replace it if necessary.
  4. Execute the script, and it will output whether each port (TCP and UDP) is open or closed.

5. Sample Output

 When you run the script, the output will show whether each port is open or closed. Here’s an example of what the output might look like:

 TCP 53 – Open
TCP 88 – Open
TCP 135 – Closed
TCP 389 – Open
UDP 53 – Open
UDP 88 – Closed

UDP 389 – Open

This output indicates that ports 53 and 389 (both TCP and UDP) are open, while ports 135 (TCP) and 88 (UDP) are closed.

6. Use Cases for the Script

This script is particularly useful for:

  • Troubleshooting network connectivity: Quickly verify if key ports for essential services like DNS, LDAP, and SMB are open on a domain controller.
  • Security auditing: Ensure that only necessary ports are open and accessible, reducing the attack surface of your domain controller.
  • Network monitoring: Automate the port testing process and integrate it into your network monitoring tools.

7. Conclusion

In this article, I’ve explained how a PowerShell script can serve as an invaluable tool for network troubleshooting, security auditing, and regular system maintenance. By testing the connectivity of essential TCP and UDP ports—such as 53 (DNS), 389 (LDAP), and 445 (SMB)—the script ensures that critical network services on a domain controller are accessible and functioning properly. System administrators can leverage this tool to efficiently monitor and maintain their network environment, minimizing downtime and enhancing overall system reliability.

8. Download the Script

To make it easier for you, I have provided the script for download.

Leave a Comment